Quantcast
Connect with us

US agency that certifies the security of voting machines was itself hacked: report

Published

on

The U.S. agency charged with ensuring that voting machines meet security standards was itself penetrated by a hacker after the November elections, according to a security firm working with law enforcement on the matter.

The security firm, Recorded Future, was monitoring underground electronic markets where hackers buy and sell wares and discovered someone offering log-on credentials for access to computers at the U.S. Election Assistance Commission, company executives said.

ADVERTISEMENT

Posing as a potential buyer, the researchers engaged in a conversation with the hacker, said Levi Gundert, vice president of intelligence at the company, and Andrei Barysevich, director of advanced collection.

Eventually they discovered that the Russian-speaking hacker had obtained the credentials of more than 100 people at the election commission after exploiting a common database vulnerability, the researchers said.

The hacker was trying to sell information about the vulnerability to a Middle Eastern government for several thousand dollars, but the researchers alerted law enforcement and said Thursday that the hole had been patched.

The Election Assistance Commission said in a statement late Thursday that it had become aware of a “potential intrusion” and was “working with federal law enforcement agencies to investigate the potential breach and its effects.”

ADVERTISEMENT

“The FBI is currently conducting an ongoing criminal investigation,” the statement added.

The election commission certifies voting systems and develops standards for technical guidelines and best practices for election officials across the country.

The researchers said the hacker had an unusual business model, scanning for ways to break into all manner of businesses and other entities and then moving rapidly to sell that access, rather than stealing the data himself.

ADVERTISEMENT

“We don’t think he actually works for any government or is super sophisticated,” Barysevich said.

In the case of the election commission, the hacker used methods including an SQL injection, a well known and preventable flaw, obtaining a list of user names and obfuscated passwords, which he was then able to crack.

Though much of the commission’s work is public, the hacker gained access to non-public reports on flaws in voting machines.

ADVERTISEMENT

In theory, someone could have used knowledge of such flaws to attack specific machines, said Matt Blaze, an electronic voting expert and professor at the University of Pennsylvania.

The researchers were confident that the hacker moved to sell his access soon after getting it, meaning that he was not inside the system before election day.

The U.S. voting process is decentralized and there were no reports of widespread fraud in November.

ADVERTISEMENT

The Election Assistance Commission was created by the Help America Vote Act of 2002 and is led by presidential appointees.

(Editing by Jonathan Weber and Leslie Adler)

Enjoy this piece?

… then let us make a small request. Like you, we here at Raw Story believe in the power of progressive journalism — and we’re investing in investigative reporting as other publications give it the ax. Raw Story readers power David Cay Johnston’s DCReport, which we've expanded to keep watch in Washington. We’ve exposed billionaire tax evasion and uncovered White House efforts to poison our water. We’ve revealed financial scams that prey on veterans, and legal efforts to harm workers exploited by abusive bosses. We’ve launched a weekly podcast, “We’ve Got Issues,” focused on issues, not tweets. And unlike other news outlets, we’ve decided to make our original content free. But we need your support to do what we do.

Raw Story is independent. You won’t find mainstream media bias here. We’re not part of a conglomerate, or a project of venture capital bros. From unflinching coverage of racism, to revealing efforts to erode our rights, Raw Story will continue to expose hypocrisy and harm. Unhinged from billionaires and corporate overlords, we fight to ensure no one is forgotten.

We need your support to keep producing quality journalism and deepen our investigative reporting. Every reader contribution, whatever the amount, makes a tremendous difference. Invest with us in the future. Make a one-time contribution to Raw Story Investigates, or click here to become a subscriber. Thank you. Click to donate by check.

Enjoy this piece?

… then let us make a small request. Like you, we here at Raw Story believe in the power of progressive journalism — and we’re investing in investigative reporting as other publications give it the ax. Raw Story readers power David Cay Johnston’s DCReport, which we've expanded to keep watch in Washington. We’ve exposed billionaire tax evasion and uncovered White House efforts to poison our water. We’ve revealed financial scams that prey on veterans, and efforts to harm workers exploited by abusive bosses. We’ve launched a weekly podcast, “We’ve Got Issues,” focused on issues, not tweets. Unlike other news sites, we’ve decided to make our original content free. But we need your support to do what we do.

Raw Story is independent. You won’t find mainstream media bias here. We’re not part of a conglomerate, or a project of venture capital bros. From unflinching coverage of racism, to revealing efforts to erode our rights, Raw Story will continue to expose hypocrisy and harm. Unhinged from corporate overlords, we fight to ensure no one is forgotten.

We need your support to keep producing quality journalism and deepen our investigative reporting. Every reader contribution, whatever the amount, makes a tremendous difference. Invest with us in the future. Make a one-time contribution to Raw Story Investigates, or click here to become a subscriber. Thank you.



Report typos and corrections to: [email protected]. Send news tips to: [email protected].
READ COMMENTS - JOIN THE DISCUSSION
Continue Reading

Breaking Banner

At least eight prison officials knew Epstein wasn’t supposed to be left alone — but they did it anyway: report

Published

on

On Wednesday, the Washington Post reported that at least eight staffers at the Bureau of Prisons were aware that arrested hedge fund manager Jeffrey Epstein could be a risk to himself if left unsupervised — raising further questions about why exactly guards left him to his own devices on the night that he allegedly hanged himself.

Investigators reportedly believe that at least some of these officials were aware that he had been left alone. It is unclear why nobody intervened, and the Justice Department is continuing with its investigation. Attorney General William Barr recently ordered the removal of the acting director of the Bureau of Prisons.

Continue Reading

Breaking Banner

Former Trump official caught having sex with White House staffer on roof of government building

Published

on

A former official in President Donald Trump's General Services Administration was caught having a sexual encounter with a White House staffer on the roof of his office building, NBC News4 Washington reported Wednesday.

The incident happened in 2017 according to the report, which detailed multiple HR violations under the associate administrator, including drinking vodka from a bottle in his office "after normal business hours." The report was part of an Inspector General investigation at the GSA News 4 discovered under a Freedom of Information Act request.

Continue Reading
 

Breaking Banner

If Republicans oppose Trump they can help prove any support of the president is phony: Conservative

Published

on

In a scathing column Wednesday, conservative writer Jennifer Rubin explained that one of the best ways Republicans can help what's left of the GOP is by opposing Trump to prove support for him is a lie.

A report in The Washington Post revealed some "Never Trump" Republicans are thinking of running against the president, even if they have no chance in winning.

Continue Reading
 
 

Thank you for whitelisting Raw Story!

As a special thank you, from now until August 31st, we're offering you a discounted rate of $5.99/month to subscribe and get ad-free access. We're honored to have you as a reader. Thank you. :) —Elias, Membership Coordinator
LEARN MORE
close-link
close-image